JavaScript is not currently enabled, but is required for full CodeSonar manual search and browse functionality.
If you are viewing this file in your hub's Web GUI, enable JavaScript in your browser: you will also need it for GUI functionality.
If you opened this file directly from disk, your browser may be directly suppressing JavaScript functionality: certain browsers perform this suppression on local files (but not files delivered by web servers) for security reasons.
| CodeSonar® 9.2p0 | CONFIDENTIAL | CodeSecure Inc |
The CodeSonar warning category search language allows you to specify search conditions based on various warning category properties, and provides basic logical operators for combining multiple conditions. It can be used both to specify and to refine searches.
The warning category search language grammar is based on the standard CodeSonar search grammar, with several extensions:
Literal strings are displayed in pink text.
T : quoted-string | ilike-condition | imatch-condition | field-condition | ( T ) | unary T | T binary T | T T | word field-name : name | rule | taxonomy
The following table shows the relationship between the warning category-specific field-name values and the properties of a warning category, along with the expected type of the condition part of a field-condition.
| field-name | Contents | Condition Type |
|---|---|---|
| name | Name | word | quoted-string |
| rule | Rule | word | quoted-string |
| taxonomy | Taxonomy | word | quoted-string |
Plain text search terms—word and quoted-string—are compared against the following fields, with substring search.
The following table shows simple example queries using field-names from the warning category search language.
Note that search results will only include categories that have appeared in analysis results submitted to the hub.
| example | explanation |
|---|---|
| name="CWE:122" | Find the category with exactly this name. |
| name=~~"CWE:1_2" | Find categories whose name
has the form 'CWE:1c2', where c is a single
character. For example, this will match 'CWE:122' but not 'CWE:1002'. |
| rule:err | Find categories whose rule component contains the
(case-insensitive) substring 'err'. For example, this will match 'ERR57-CPP', 'ERR02-J' and '5.19-liberr'(which correspond to rules in the built-in CERT-CPP, CERT-Java, and TS17961 taxonomies, respectively). |
| rule=~^D taxonomy:misra | Find all categories whose rule
component starts with 'D' (case-insensitive) and that are
in a taxonomy whose name contains the (case-insensitive)
substring 'misra'. This will include any categories corresponding to directives in built-in taxonomies Misra2012, MisraC2023, and MisraC2025. |
| taxonomy="CERT-C" | Find all categories in taxonomies
whose names is 'CERT-C' (case-insensitive). This will include any categories in the built-in CERT-C taxonomy. |
| taxonomy:CERT | Find all categories in taxonomies
whose names contain the (case-insensitive) substring
'CERT'. This will include any categories in built-in taxonomies CERT-C, CERT-CPP, and CERT-Java. |
| taxonomy=~"c.*t" | Find all categories in taxonomies whose names contain substring 'c' and subsequently substring 't' (case insensitively). This will include any categories in built-in taxonomies CERT-C, CERT-CPP, CERT-Java, and typescript-eslint. |
To report problems with this documentation, please visit https://support.codesecure.com/.